When to use this
Use this checklist during an internal audit of network architecture, device security, zoning, routing, virtual networks, monitoring, and change control.
Related controls
- A.8.20 Networks Security
- A.8.20 Audit Evidence Pack
- Network Security Architecture and Zoning Standard
- Network Device Configuration and Change Review
- Network Monitoring and Corrective Action Register
- Virtual Network and Hypervisor Security Review
Audit checklist
- Review network topology and zone documentation.
- Verify diagrams match actual configuration.
- Review sensitive traffic and public network exposure.
- Check network device administration controls.
- Sample firewall, routing, VPN, and management rules.
- Review network change records.
- Check virtual/cloud network and hypervisor scope.
- Check backup, DR, and administrative network paths.
- Review network monitoring and fault/security event records.
- Trace network security alerts to incident or corrective action where needed.
Findings table
| Network area | Expected evidence | Observed evidence | Gap | Finding type | Action owner |
|---|---|---|---|---|---|
| TBD | TBD | TBD | TBD | NC / observation / conforming | TBD |
- Template
- Audit
- Iso27001
- A8 20
Note Metadata
Aliases: A.8.20 Networks Security Audit Checklist
Source: 90 Templates/A.8.20 Audit Checklist.md
Graph-sourced resources
Templates and evidence
Auditor evidence packs
Evidence collections and audit-facing verification material.
Related Notes
- A.8.20 Audit Evidence Pack
- Audit Evidence MOC
- ISO 27001 A.8.20 - Networks Security
- A.8 Technological Controls MOC
- A.8 Technological Controls Audit Guide
- A.8 Technological Controls Implementation Audit Risk Mapping
- Network Device Configuration and Change Review
- Network Monitoring and Corrective Action Register
- Network Security Architecture and Zoning Standard
- Virtual Network and Hypervisor Security Review
- Audit Evidence Index
- Templates MOC